Detecting Anomalous Network Behavior

Live Oak Bank, based in Wilmington, N.C., isn't your typical financial services institution. The bank, the second largest U.S. provider of small business loans, handles the vast majority of its business online.

But like all financial services firms, Live Oak Bank is under constant online attack by criminals attempting to take over accounts and commit fraud, says Thomas Hill, CIO. What's essential for helping to defend against those attacks is watching for any and all anomalous behavior across networks, users and devices, he says.

In this interview at Information Security Media Group's recent Fraud and Data Breach Summit in San Francisco, where he was a featured speaker in sponsor Praesidio's presentation, Hill discusses:

Collecting and consolidating log data;

Consuming logs;

Creating alerts;

The evolution of security incident and event management technology.

Before joining Live Oak Bank, Hill served as CISO of
risk, information security and compliance for Verizon Telematics; CSO for AVP and risk and information security officer for S1 Corp.; and senior security consultant for BT Consulting.

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;